Data Management Flashcards
What are the 3 principles of GDPR and DPA 2018?
Used fairly
Lawfully
Transparently
What the is the UK’s version of GDPR and what does it do?
Data Protection Act 2018. It governs how personal data should be processed and protects the privacy rights of individuals.
What are key rights of Data Subjects?
-Right to be informed
-Right to Access
Right to Rectification
-Right to Erasure
-Right to restrict processing
-Right to data portability
-Right to object
-Rights related to automated decision making and profiling.
Who is a Data Controller?
Someone who determines the purposes and means of processing personal data.
Who is a Data Processor?
Someone who processes data on behalf of a data controller.
What is a DPIA?
Data Protection Impact Assessment. These are required for processing activities that are likely to result in high risk to individuals’ rights and freedoms.
Who oversees compliance with GDPR within an organisation?
A data protection officer (DPO). They also act as point of contact for data subjects and supervisory authorities.
When should a data breach be reported to the relevant supervisory authority?
Within 72 hours if they pose risk to individuals’ freedoms and rights.
What is the penalty for breaching GDPR?
Penalties can reach up to 20m euros or 4% of annual global turnover whichever is higher.
What does the Freedom of Information Act 2000 grant?
The act provides public access to info held by public authorities. Aims to promote transparency and accountability.
Who long does a FOIA request take?
Public authorities required to respond within 20 working days. Must confirm or deny if they hold requested info and provide the info if its not exempt.
Can authorities charge fees for a FOIA request?
Yes but they are regulated. If cost of compliying exceeds set limit (currently £450 for public authorities and £600 for central gov) the authority can refuse request or charge additional fee.
Who is a Data Subject?
An individual with whom the personal data relates to.
What is copyright?
Type of intellectual property that protects original work from being copied.
What is intellectual property?
Intangible property that is the result of creativity e.g. patents and copyright.
What is primary data?
Data collected from the data source.
What is secondary data?
Data collected in past by someone else but made available for others to use.
What are some limitations of both primary and secondary data?
Primary Data:
-Can be very expensive compared to secondary data.
-Can be time consuming to collect.
-May not be feasible to collect due to complexity and required commitment.
Secondary data:
-May not be authentic and reliable.
-Some data may be exaggerated due to personal bias.
-Sometimes source is outdated.
What is the difference between a deed and a registered title?
Dead = the physical document that proves ownership
Registered Title = Concept of legal ownership that the deed grants you
What is a firewall?
A network security device that monitors and filters incoming and outgoing traffic based on an organisation’s previously established security policies.
How can you protect your electronic data from viruses?
-Keep your system up to date
-Install antivirus software
-Choose strong passwords
-Firewalls
Do you have a company policy relating to copyright?
Yes, a breach of copyright is against the law and every employee should ensure no offence is committed.
All maps from sources will have copyright and this means that we may not use versions without express permission.
As a company we currently have licenses for using Promap and Ordnance Survey maps.
Aerial photos, plans and drawings - Employees are to assume that these items are subject to copyright. Check small print before using.
What is a CRM system?
Customer Relationship Management system. Helps manage customer data. For example Alcium.
Explain the benefits of using a CRM vs Excel?
Excel negatives:
- Impossible for storing attachments.
-Very limited collaboration amongst colleagues.
-Reporting is manual unlike CRM were reports are updated automatically.
What does the Limitation Act 1980 state in terms of file records?
It states that claims can be brought against Surveyor for up to 15 years from date of negligent act. Files should also be retained for this period.
What does the Privacy and Electronic Communications Regulations 2003 relate to?
Used to supplement GDPR legislation. Sets out more privacy rights on electronic communication. For example there are rules on marketing calls/emails along with cookies.
What does encryption mean?
Its the process of converting information or data into a code to prevent unauthorised access.
What is an Electronic Document Management System?
A computerized system to store, share, track and manage files. For example sharepoint.